CVE-2005-4054 Information

Description

SQL injection vulnerability in index.php in PluggedOut Blog 1.9.5 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) categoryid (2) entryid (3) year (4) month and (5) day parameter.

Reference

http://pridels0.blogspot.com/2005/12/pluggedout-blog-sql-vuln.html http://secunia.com/advisories/17911 http://www.osvdb.org/21480 http://www.securityfocus.com/bid/15746 http://www.vupen.com/english/advisories/2005/2750